To enable SSL connections for your FileMaker Server installation, you should have a valid digital certificate installed. FileMaker Server provides a standard SSL certificate signed by FileMaker, Inc. that does not verify the server name. The FileMaker default certificate is intended only for test purposes.

To request an SSL certificate from a certificate authority (CA), create a certificate signing request, serverRequest.pem, which you send to the CA using the process defined by the CA. For a list of supported CAs, see the FileMaker Knowledge Base.

To create a certificate signing request:

1. Click the Database Server > Security tab.

2. Click Create Request.

3. For the certificate signing request (serverRequest.pem), enter the following information:

•Domain name — The fully qualified domain name for your server.

To create a wildcard certificate, use a wildcard in place of the fully qualified domain name. For example: *.domain.com

•Company name — Your company’s full name.

•Organization — The name of your organization or department.

•City — The city where your server is located.

•State or Province — The fully spelled-out state or province where your server is located.

•Country — The two-letter code for the country where your server is located. For a list of two-letter country codes, see the International Organization for Standardization (ISO) website (iso.org).

4. For the private key file (serverKey.pem), enter an encryption password and confirm the password.

5. Click Create to create the serverRequest.pem and serverKey.pem files in the server’s CStore folder.

6. Follow the instructions listed as Next Steps in the dialog box.

Notes

•If you need to create a different certificate signing request, click Start Over and delete the existing certificate signing request and private key files.

•Certificate signing requests created for FileMaker Server 14 cannot be used to create SSL certificates for FileMaker Server 15 and 16.

•The Create Certificate Signing Request dialog box allows you to create a request for a domain certificate or a wildcard certificate. It does not support creating a request for a subject alternative name (SAN) certificate. To use a SAN certificate, contact your CA to create the certificate signing request.